Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2011-1487 — Perl vulnerability

CWE-2648 documents8 sources

Severity

5.0MEDIUMNVD

EPSS

4.2%

top 11.25%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Perl Debian Perl

Timeline

PublishedApr 11

Latest updateMay 17

Description

The (1) lc, (2) lcfirst, (3) uc, and (4) ucfirst functions in Perl 5.10.x, 5.11.x, and 5.12.x through 5.12.3, and 5.13.x through 5.13.11, do not apply the taint attribute to the return value upon processing tainted input, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages3 packages

▶debiandebian/perl< perl 5.10.1-20 (bookworm)

▶Debianperl/perl< 5.10.1-20+3

▶NVDperl/perl24 versions+23

Patches

Patch: openwall.com ↗Patch: openwall.com ↗Patch: perl5.git.perl.org ↗

🔴Vulnerability Details

GHSA

GHSA-j9hm-95rh-8hr5: The (1) lc, (2) lcfirst, (3) uc, and (4) ucfirst functions in Perl 5↗2022-05-17

▶

OSV

CVE-2011-1487: The (1) lc, (2) lcfirst, (3) uc, and (4) ucfirst functions in Perl 5↗2011-04-11

▶

💥Exploits & PoCs

Exploit-DB

Perl 5.x - 'lc()' / 'uc()' TAINT Mode Protection Security Bypass↗2011-03-30

▶

📋Vendor Advisories

Ubuntu

Perl vulnerabilities↗2011-05-03

▶

Red Hat

perl: lc(), uc() routines are laundering tainted data↗2011-03-30

▶

Debian

CVE-2011-1487: perl - The (1) lc, (2) lcfirst, (3) uc, and (4) ucfirst functions in Perl 5.10.x, 5.11....↗2011

▶

💬Community

Bugzilla

CVE-2011-1487 perl: lc(), uc() routines are laundering tainted data↗2011-04-01

▶